04/27/2015

Obama Unclassified Emails Hacked

by ZixCorp

Over the weekend, the New York Times reported that an unclassified email account belonging to President Obama has been compromised by Russian hackers. The US government has a system named the Joint Worldwide Intelligence Communications System (JWICS, pronounced “Jay-wicks”) that is utilized to exchange classified information. Although it is alleged to have been one of the systems accessed by Chelsea/Bradley Manning, it is still believed to be very secure. Nevertheless unclassified information is routinely exchanged using regular email accounts, and according to the New York Times, “officials have conceded that the unclassified system routinely contains much information that is considered highly sensitive: schedules, email exchanges with ambassadors and diplomats, discussions of pending personnel moves and legislation, and, inevitably, some debate about policy.” I was at the RSA Expo in San Francisco last week where I had many conversations with security experts. A number of them expressed their frustration with business executives who still believe that most hackers are talented teenagers working out of their bedrooms. One cited the then 16 year old Kevin Mitnick who, famously, was convicted of breaking into dozens of computer networks back in 1979. I’ve been saying for years that the threat to businesses is not from naughty schoolboys amusing themselves with technology challenges; it is from well-funded organized crime and from national governments trying to obtain political or economic advantages. In the New York Times article, the authors state that “Chinese hacking groups are known for sweeping up vast amounts of commercial and design information” and that the hackers who accessed President Obama’s unclassified emails “are presumed to be linked to the Russian government, if not working for it.” Businesses need to protect their intellectual properties, and unfortunately we don’t have the use of JWICS. Instead we have email encryption to protect email when it travels outside secure firewalls, and by far the best implementation of a secure email encryption system is when it exists within a community of trust. That is, where all the members of the community have been pre-certified and cleared to receive encrypted emails transparently. The most popular transparent solution comes from Zix, and you can read more about Zix solutions here.